﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.IO;
using System.Drawing;
using System.Web.UI.HtmlControls;

namespace Forums
{
    public partial class EditAccountPage_MB : System.Web.UI.Page
    {
        string connection;
        SqlConnection sqlConnection;
        SqlCommand sqlCommand;
        bool error;


        protected void Page_Load(object sender, EventArgs e)
        {
            error = false;
            lblPasswordUpdated.Text = null;
            string user_id = Session["User"].ToString();
            connection = WebConfigurationManager.ConnectionStrings["CentForumsDB"].ConnectionString;
            sqlConnection = new SqlConnection(connection);
        }

        public void userCheck(object sender, EventArgs e)
        {
            lblUserPass.Visible = false;

            string user_id = Session["User"].ToString();
            string oldPass = txtOldPassword.Text;
            string newPass = txtOldPassword.Text;

            sqlConnection.Open();

            //confirm password is correct
            string sqlStatement = "SELECT COUNT(1) FROM Registration WHERE user_accnt = " + user_id + "AND pwdcompare('" + oldPass + "', password) = 1";
            sqlCommand = new SqlCommand(sqlStatement, sqlConnection);

            int count = Convert.ToInt32(sqlCommand.ExecuteScalar());

            sqlConnection.Close();

            //user & password combo not found
            if (count == 0)
            {
                lblUserPass.Visible = true;
                txtOldPassword.Focus();
                error = true;
            }
            else
            {
                ViewState["oldpassword"] = txtOldPassword.Text;
                txtOldPassword.Attributes.Add("value", ViewState["oldpassword"].ToString());
                txtNewPassword.Focus();
            }
        }

        protected void btnUpdate_Click(object sender, EventArgs e)
        {
            string oldpassword = txtOldPassword.Text;
            string newPassword = txtNewPassword.Text;
            string passCheck = txtConfirm.Text;
            string user_id = Session["User"].ToString();
            sqlConnection.Open();

            if (passCheck != newPassword)
            {
                error = true;
            }

            if (txtOldPassword.Text.Length == 0)
            {
                error = true;
            }

            //if user entered wrong password
            if (error == false)
            {
                //set new password is correct
                string sqlStatement = "UPDATE Registration SET password = pwdencrypt('" + newPassword + "') WHERE user_accnt = " + user_id;
                sqlCommand = new SqlCommand(sqlStatement, sqlConnection);

                int count = Convert.ToInt32(sqlCommand.ExecuteNonQuery());

                if (count > 0)
                {
                    lblPasswordUpdated.Text = "Password Updated!";
                    txtOldPassword.Attributes.Remove("value");
                }
                else
                {
                    lblPasswordUpdated.Text = "Password error!";
                }
                sqlConnection.Close();
            }
            else
            {
                lblPasswordUpdated.Text = "Passwords do not match";
            }

        }

        private int imageToDB(byte[] imgbin)
        {            
            string user_id = Session["User"].ToString();
            
            //setup the sql statement then execute
            string sqlStatement = "UPDATE Registration SET avatar = @userAvatar WHERE user_accnt = " + user_id;
            SqlCommand avatarUpload = new SqlCommand(sqlStatement, sqlConnection);

            SqlParameter parameter = new SqlParameter("@userAvatar", SqlDbType.Image);
            parameter.Value = imgbin;
            avatarUpload.Parameters.Add(parameter);
            sqlConnection.Open();

            int count = avatarUpload.ExecuteNonQuery();
            sqlConnection.Close();
            
            return count;
        }

        protected void btnUpload_Click(object sender, EventArgs e)
        {
            //get info about the selected file
            Stream imgStream = uploadAvatar.PostedFile.InputStream;
            int imgLength = uploadAvatar.PostedFile.ContentLength;
            byte[] imgData = new byte[imgLength];

            lblStatus.Text = "";
            imgStream.Read(imgData, 0, imgLength);
            string fileExtentsion=Path.GetExtension(uploadAvatar.PostedFile.FileName);
            
            if (fileExtentsion == ".gif")
            {

                Bitmap avatar = new Bitmap(imgStream);

                if (avatar.Width > 70 || avatar.Height > 70)
                {
                    lblStatus.Text = "File is too large. Must be at most 65 X 65";
                }
                else
                {
                    //send file to db
                    int count = imageToDB(imgData);

                    //check if file was uploaded successfully
                    if (count > 0)
                    {
                        lblStatus.Text = "Success";

                        //Response.Redirect
                    }
                    else
                    {
                        lblStatus.Text = "Error occurred";
                    }
                }
            }
            else
            {
                lblStatus.Text = "Must be a GIF file.";
            }
        }


         
    }
}
